Search Results

Source: ~/.claude/skills/tob-semgrep-rule-variant-creator/skills/semgrep-rule-variant-creator/SKILL.md name: semgrep-rule-variant-creator description: Creates language variants of existing Semgrep rules. Use when porting a Semgrep rule to specified target lan...

Source: ~/.claude/skills/tob-sharp-edges/skills/sharp-edges/SKILL.md name: sharp-edges description: "Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when reviewing API designs, configuration schema...

Source: ~/.claude/skills/tob-spec-to-code-compliance/skills/spec-to-code-compliance/SKILL.md name: spec-to-code-compliance description: Verifies code implements exactly what documentation specifies for blockchain audits. Use when comparing code against whitep...

Source: ~/.claude/skills/tob-static-analysis/skills/codeql/SKILL.md name: codeql description: >- Runs CodeQL static analysis for security vulnerability detection using interprocedural data flow and taint tracking. Applicable when finding vulnerabilities, runn...

Source: ~/.claude/skills/tob-static-analysis/skills/sarif-parsing/SKILL.md name: sarif-parsing description: Parse, analyze, and process SARIF (Static Analysis Results Interchange Format) files. Use when reading security scan results, aggregating findings from...

Source: ~/.claude/skills/tob-static-analysis/skills/semgrep/SKILL.md name: semgrep description: Run Semgrep static analysis scan on a codebase using parallel subagents. Automatically detects and uses Semgrep Pro for cross-file analysis when available. Use whe...

Source: ~/.claude/skills/tob-testing-handbook-skills/skills/address-sanitizer/SKILL.md name: address-sanitizer type: technique description: > AddressSanitizer detects memory errors during fuzzing. Use when fuzzing C/C++ code to find buffer overflows and use-a...

Source: ~/.claude/skills/tob-testing-handbook-skills/skills/aflpp/SKILL.md name: aflpp type: fuzzer description: > AFL++ is a fork of AFL with better fuzzing performance and advanced features. Use for multi-core fuzzing of C/C++ projects. AFL++ AFL++ is a for...

Source: ~/.claude/skills/tob-testing-handbook-skills/skills/atheris/SKILL.md name: atheris type: fuzzer description: > Atheris is a coverage-guided Python fuzzer based on libFuzzer. Use for fuzzing pure Python code and Python C extensions. Atheris Atheris is ...

Source: ~/.claude/skills/tob-testing-handbook-skills/skills/cargo-fuzz/SKILL.md name: cargo-fuzz type: fuzzer description: > cargo-fuzz is the de facto fuzzing tool for Rust projects using Cargo. Use for fuzzing Rust code with libFuzzer backend. cargo-fuzz ca...

Source: ~/.claude/skills/tob-testing-handbook-skills/skills/constant-time-testing/SKILL.md name: constant-time-testing type: domain description: > Constant-time testing detects timing side channels in cryptographic code. Use when auditing crypto implementatio...

Source: ~/.claude/skills/tob-testing-handbook-skills/skills/coverage-analysis/SKILL.md name: coverage-analysis type: technique description: > Coverage analysis measures code exercised during fuzzing. Use when assessing harness effectiveness or identifying fuz...

Source: ~/.claude/skills/tob-testing-handbook-skills/skills/fuzzing-dictionary/SKILL.md name: fuzzing-dictionary type: technique description: > Fuzzing dictionaries guide fuzzers with domain-specific tokens. Use when fuzzing parsers, protocols, or format-spec...

Source: ~/.claude/skills/tob-testing-handbook-skills/skills/fuzzing-obstacles/SKILL.md name: fuzzing-obstacles type: technique description: > Techniques for patching code to overcome fuzzing obstacles. Use when checksums, global state, or other barriers block...

Source: ~/.claude/skills/tob-testing-handbook-skills/skills/harness-writing/SKILL.md name: harness-writing type: technique description: > Techniques for writing effective fuzzing harnesses across languages. Use when creating new fuzz targets or improving exis...

Source: ~/.claude/skills/tob-testing-handbook-skills/skills/libafl/SKILL.md name: libafl type: fuzzer description: > LibAFL is a modular fuzzing library for building custom fuzzers. Use for advanced fuzzing needs, custom mutators, or non-standard fuzzing targ...

Source: ~/.claude/skills/tob-testing-handbook-skills/skills/libfuzzer/SKILL.md name: libfuzzer type: fuzzer description: > Coverage-guided fuzzer built into LLVM for C/C++ projects. Use for fuzzing C/C++ code that can be compiled with Clang. libFuzzer libFuzz...

Source: ~/.claude/skills/tob-testing-handbook-skills/skills/ossfuzz/SKILL.md name: ossfuzz type: technique description: > OSS-Fuzz provides free continuous fuzzing for open source projects. Use when setting up continuous fuzzing infrastructure or enrolling pr...